VDB
CVE-2017-5896
CVE-2017-5896
PUBLISHED
Reported by mitre · Published February 15, 2017
Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| alpine | mupdf | 0, 0, 0 |
| n/a | n/a | n/a |
Timeline
- Feb 15, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 25, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 5, 2022 EPSS Score
- Jan 7, 2023 EPSS Score
References
- [oss-security] 20170207 Re: mupdf: heap-based buffer overflow in fz_subsample_pixmap mailing-listx_refsource_MLIST
- x_refsource_CONFIRM
- x_refsource_CONFIRM
- DSA-3797 vendor-advisoryx_refsource_DEBIAN
- 96139 vdb-entryx_refsource_BID
- [oss-security] 20170206 mupdf: heap-based buffer overflow in fz_subsample_pixmap mailing-listx_refsource_MLIST
- GLSA-201702-12 vendor-advisoryx_refsource_GENTOO